| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> |
| <!-- NewPage --> |
| <html lang="en"> |
| <head> |
| <!-- Generated by javadoc --> |
| <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> |
| <title>HttpMethodPermissionFilter (Apache Shiro 1.13.0 API)</title> |
| <link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="Style"> |
| <script type="text/javascript" src="../../../../../../script.js"></script> |
| </head> |
| <body> |
| <script type="text/javascript"><!-- |
| try { |
| if (location.href.indexOf('is-external=true') == -1) { |
| parent.document.title="HttpMethodPermissionFilter (Apache Shiro 1.13.0 API)"; |
| } |
| } |
| catch(err) { |
| } |
| //--> |
| var methods = {"i0":10,"i1":10,"i2":10,"i3":10,"i4":10,"i5":10}; |
| var tabs = {65535:["t0","All Methods"],2:["t2","Instance Methods"],8:["t4","Concrete Methods"]}; |
| var altColor = "altColor"; |
| var rowColor = "rowColor"; |
| var tableTab = "tableTab"; |
| var activeTableTab = "activeTableTab"; |
| </script> |
| <noscript> |
| <div>JavaScript is disabled on your browser.</div> |
| </noscript> |
| <!-- Matomo --> <script> var _paq = window._paq = window._paq || []; /* tracker methods like "setCustomDimension" should be called before "trackPageView" */ /* We explicitly disable cookie tracking to avoid privacy issues */ _paq.push(['disableCookies']); _paq.push(['trackPageView']); _paq.push(['enableLinkTracking']); (function() { var u="//matomo.privacy.apache.org/"; _paq.push(['setTrackerUrl', u+'matomo.php']); _paq.push(['setSiteId', '2']); var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0]; g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s); })(); </script> <!-- End Matomo Code --> |
| <!-- ========= START OF TOP NAVBAR ======= --> |
| <div class="topNav"><a name="navbar.top"> |
| <!-- --> |
| </a> |
| <div class="skipNav"><a href="#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div> |
| <a name="navbar.top.firstrow"> |
| <!-- --> |
| </a> |
| <ul class="navList" title="Navigation"> |
| <li><a href="../../../../../../overview-summary.html">Overview</a></li> |
| <li><a href="package-summary.html">Package</a></li> |
| <li class="navBarCell1Rev">Class</li> |
| <li><a href="class-use/HttpMethodPermissionFilter.html">Use</a></li> |
| <li><a href="package-tree.html">Tree</a></li> |
| <li><a href="../../../../../../deprecated-list.html">Deprecated</a></li> |
| <li><a href="../../../../../../index-all.html">Index</a></li> |
| <li><a href="../../../../../../help-doc.html">Help</a></li> |
| </ul> |
| </div> |
| <div class="subNav"> |
| <ul class="navList"> |
| <li><a href="../../../../../../org/apache/shiro/web/filter/authz/HostFilter.html" title="class in org.apache.shiro.web.filter.authz"><span class="typeNameLink">Prev Class</span></a></li> |
| <li><a href="../../../../../../org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html" title="class in org.apache.shiro.web.filter.authz"><span class="typeNameLink">Next Class</span></a></li> |
| </ul> |
| <ul class="navList"> |
| <li><a href="../../../../../../index.html?org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html" target="_top">Frames</a></li> |
| <li><a href="HttpMethodPermissionFilter.html" target="_top">No Frames</a></li> |
| </ul> |
| <ul class="navList" id="allclasses_navbar_top"> |
| <li><a href="../../../../../../allclasses-noframe.html">All Classes</a></li> |
| </ul> |
| <div> |
| <script type="text/javascript"><!-- |
| allClassesLink = document.getElementById("allclasses_navbar_top"); |
| if(window==top) { |
| allClassesLink.style.display = "block"; |
| } |
| else { |
| allClassesLink.style.display = "none"; |
| } |
| //--> |
| </script> |
| </div> |
| <div> |
| <ul class="subNavList"> |
| <li>Summary: </li> |
| <li>Nested | </li> |
| <li><a href="#fields.inherited.from.class.org.apache.shiro.web.filter.AccessControlFilter">Field</a> | </li> |
| <li><a href="#constructor.summary">Constr</a> | </li> |
| <li><a href="#method.summary">Method</a></li> |
| </ul> |
| <ul class="subNavList"> |
| <li>Detail: </li> |
| <li>Field | </li> |
| <li><a href="#constructor.detail">Constr</a> | </li> |
| <li><a href="#method.detail">Method</a></li> |
| </ul> |
| </div> |
| <a name="skip.navbar.top"> |
| <!-- --> |
| </a></div> |
| <!-- ========= END OF TOP NAVBAR ========= --> |
| <!-- ======== START OF CLASS DATA ======== --> |
| <div class="header"> |
| <div class="subTitle">org.apache.shiro.web.filter.authz</div> |
| <h2 title="Class HttpMethodPermissionFilter" class="title">Class HttpMethodPermissionFilter</h2> |
| </div> |
| <div class="contentContainer"> |
| <ul class="inheritance"> |
| <li><a href="https://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">java.lang.Object</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li><a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.ServletContextSupport</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li><a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.AbstractFilter</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li><a href="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.NameableFilter</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li><a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.OncePerRequestFilter</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li><a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html" title="class in org.apache.shiro.web.servlet">org.apache.shiro.web.servlet.AdviceFilter</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li><a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html" title="class in org.apache.shiro.web.filter">org.apache.shiro.web.filter.PathMatchingFilter</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li><a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">org.apache.shiro.web.filter.AccessControlFilter</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li><a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html" title="class in org.apache.shiro.web.filter.authz">org.apache.shiro.web.filter.authz.AuthorizationFilter</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li><a href="../../../../../../org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html" title="class in org.apache.shiro.web.filter.authz">org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter</a></li> |
| <li> |
| <ul class="inheritance"> |
| <li>org.apache.shiro.web.filter.authz.HttpMethodPermissionFilter</li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| <div class="description"> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <dl> |
| <dt>All Implemented Interfaces:</dt> |
| <dd><a href="https://docs.oracle.com/javaee/5/api/javax/servlet/Filter.html?is-external=true" title="class or interface in javax.servlet">Filter</a>, <a href="../../../../../../org/apache/shiro/util/Nameable.html" title="interface in org.apache.shiro.util">Nameable</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathConfigProcessor.html" title="interface in org.apache.shiro.web.filter">PathConfigProcessor</a></dd> |
| </dl> |
| <hr> |
| <br> |
| <pre>public class <a href="../../../../../../src-html/org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#line.78">HttpMethodPermissionFilter</a> |
| extends <a href="../../../../../../org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html" title="class in org.apache.shiro.web.filter.authz">PermissionsAuthorizationFilter</a></pre> |
| <div class="block">A filter that translates an HTTP Request's Method (eg GET, POST, etc) |
| into an corresponding action (verb) and uses that verb to construct a permission that will be checked to determine |
| access. |
| <p/> |
| This Filter is primarily provided to support REST environments where the type (Method) |
| of request translates to an action being performed on one or more resources. This paradigm works well with Shiro's |
| concepts of using permissions for access control and can be leveraged to easily perform permission checks. |
| <p/> |
| This filter functions as follows: |
| <ol> |
| <li>The incoming HTTP request's Method (GET, POST, PUT, DELETE, etc) is discovered.</li> |
| <li>The Method is translated into a more 'application friendly' verb, such as 'create', edit', 'delete', etc.</li> |
| <li>The verb is appended to any configured permissions for the |
| <a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html" title="class in org.apache.shiro.web.filter"><code>currently matching path</code></a>.</li> |
| <li>If the current <code>Subject</code> <a href="../../../../../../org/apache/shiro/subject/Subject.html#isPermitted-java.lang.String-"><code>isPermitted</code></a> to |
| perform the resolved action, the request is allowed to continue.</li> |
| </ol> |
| <p/> |
| For example, if the following filter chain was defined, where 'rest' was the name given to a filter instance of |
| this class: |
| <pre> |
| /user/** = rest[user]</pre> |
| Then an HTTP <code>GET</code> request to <code>/user/1234</code> would translate to the constructed permission |
| <code>user:read</code> (GET is mapped to the 'read' action) and execute the permission check |
| <code>Subject.isPermitted("user:read")</code> in order to allow the request to continue. |
| <p/> |
| Similarly, an HTTP <code>POST</code> to <code>/user</code> would translate to the constructed permission |
| <code>user:create</code> (POST is mapped to the 'create' action) and execute the permission check |
| <code>Subject.isPermitted("user:create")</code> in order to allow the request to continue. |
| <p/> |
| <h3>Method To Verb Mapping</h3> |
| The following table represents the default HTTP Method-to-action verb mapping: |
| <table> |
| <tr><th>HTTP Method</th><th>Mapped Action</th><th>Example Permission</th><th>Runtime Check</th></tr> |
| <tr><td>head</td><td>read</td><td>perm1</td><td>perm1:read</td></tr> |
| <tr><td>get</td><td>read</td><td>perm2</td><td>perm2:read</td></tr> |
| <tr><td>put</td><td>update</td><td>perm3</td><td>perm3:update</td></tr> |
| <tr><td>post</td><td>create</td><td>perm4</td><td>perm4:create</td></tr> |
| <tr><td>mkcol</td><td>create</td><td>perm5</td><td>perm5:create</td></tr> |
| <tr><td>options</td><td>read</td><td>perm6</td><td>perm6:read</td></tr> |
| <tr><td>trace</td><td>read</td><td>perm7</td><td>perm7:read</td></tr> |
| </table></div> |
| <dl> |
| <dt><span class="simpleTagLabel">Since:</span></dt> |
| <dd>1.0</dd> |
| </dl> |
| </li> |
| </ul> |
| </div> |
| <div class="summary"> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <!-- =========== FIELD SUMMARY =========== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="field.summary"> |
| <!-- --> |
| </a> |
| <h3>Field Summary</h3> |
| <ul class="blockList"> |
| <li class="blockList"><a name="fields.inherited.from.class.org.apache.shiro.web.filter.AccessControlFilter"> |
| <!-- --> |
| </a> |
| <h3>Fields inherited from class org.apache.shiro.web.filter.<a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">AccessControlFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#DEFAULT_LOGIN_URL">DEFAULT_LOGIN_URL</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#GET_METHOD">GET_METHOD</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#POST_METHOD">POST_METHOD</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="fields.inherited.from.class.org.apache.shiro.web.filter.PathMatchingFilter"> |
| <!-- --> |
| </a> |
| <h3>Fields inherited from class org.apache.shiro.web.filter.<a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html" title="class in org.apache.shiro.web.filter">PathMatchingFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#appliedPaths">appliedPaths</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#pathMatcher">pathMatcher</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="fields.inherited.from.class.org.apache.shiro.web.servlet.OncePerRequestFilter"> |
| <!-- --> |
| </a> |
| <h3>Fields inherited from class org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html" title="class in org.apache.shiro.web.servlet">OncePerRequestFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#ALREADY_FILTERED_SUFFIX">ALREADY_FILTERED_SUFFIX</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="fields.inherited.from.class.org.apache.shiro.web.servlet.AbstractFilter"> |
| <!-- --> |
| </a> |
| <h3>Fields inherited from class org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html" title="class in org.apache.shiro.web.servlet">AbstractFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#filterConfig">filterConfig</a></code></li> |
| </ul> |
| </li> |
| </ul> |
| <!-- ======== CONSTRUCTOR SUMMARY ======== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="constructor.summary"> |
| <!-- --> |
| </a> |
| <h3>Constructor Summary</h3> |
| <table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Constructor Summary table, listing constructors, and an explanation"> |
| <caption><span>Constructors</span><span class="tabEnd"> </span></caption> |
| <tr> |
| <th class="colOne" scope="col">Constructor and Description</th> |
| </tr> |
| <tr class="altColor"> |
| <td class="colOne"><code><span class="memberNameLink"><a href="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#HttpMethodPermissionFilter--">HttpMethodPermissionFilter</a></span>()</code> |
| <div class="block">Creates the filter instance with default method-to-action values in the instance's |
| <a href="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#getHttpMethodActions--"><code>http method actions map</code></a>.</div> |
| </td> |
| </tr> |
| </table> |
| </li> |
| </ul> |
| <!-- ========== METHOD SUMMARY =========== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="method.summary"> |
| <!-- --> |
| </a> |
| <h3>Method Summary</h3> |
| <table class="memberSummary" border="0" cellpadding="3" cellspacing="0" summary="Method Summary table, listing methods, and an explanation"> |
| <caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd"> </span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd"> </span></span><span id="t4" class="tableTab"><span><a href="javascript:show(8);">Concrete Methods</a></span><span class="tabEnd"> </span></span></caption> |
| <tr> |
| <th class="colFirst" scope="col">Modifier and Type</th> |
| <th class="colLast" scope="col">Method and Description</th> |
| </tr> |
| <tr id="i0" class="altColor"> |
| <td class="colFirst"><code>protected <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>[]</code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#buildPermissions-javax.servlet.http.HttpServletRequest-java.lang.String:A-java.lang.String-">buildPermissions</a></span>(<a href="https://docs.oracle.com/javaee/5/api/javax/servlet/http/HttpServletRequest.html?is-external=true" title="class or interface in javax.servlet.http">HttpServletRequest</a> request, |
| <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>[] configuredPerms, |
| <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> action)</code> |
| <div class="block">Returns a collection of String permissions with which to perform a permission check to determine if the filter |
| will allow the request to continue.</div> |
| </td> |
| </tr> |
| <tr id="i1" class="rowColor"> |
| <td class="colFirst"><code>protected <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>[]</code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#buildPermissions-java.lang.String:A-java.lang.String-">buildPermissions</a></span>(<a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>[] configuredPerms, |
| <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> action)</code> |
| <div class="block">Builds a new array of permission strings based on the original argument, appending the specified action verb |
| to each one per <a href="../../../../../../org/apache/shiro/authz/permission/WildcardPermission.html" title="class in org.apache.shiro.authz.permission"><code>WildcardPermission</code></a> conventions.</div> |
| </td> |
| </tr> |
| <tr id="i2" class="altColor"> |
| <td class="colFirst"><code>protected <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#getHttpMethodAction-javax.servlet.ServletRequest-">getHttpMethodAction</a></span>(<a href="https://docs.oracle.com/javaee/5/api/javax/servlet/ServletRequest.html?is-external=true" title="class or interface in javax.servlet">ServletRequest</a> request)</code> |
| <div class="block">Determines the action (verb) attempting to be performed on the filtered resource by the current request.</div> |
| </td> |
| </tr> |
| <tr id="i3" class="rowColor"> |
| <td class="colFirst"><code>protected <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a></code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#getHttpMethodAction-java.lang.String-">getHttpMethodAction</a></span>(<a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> method)</code> |
| <div class="block">Determines the corresponding application action that will be performed on the filtered resource based on the |
| specified HTTP method (GET, POST, etc).</div> |
| </td> |
| </tr> |
| <tr id="i4" class="altColor"> |
| <td class="colFirst"><code>protected <a href="https://docs.oracle.com/javase/6/docs/api/java/util/Map.html?is-external=true" title="class or interface in java.util">Map</a><<a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>,<a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>></code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#getHttpMethodActions--">getHttpMethodActions</a></span>()</code> |
| <div class="block">Returns the HTTP Method name (key) to action verb (value) mapping used to resolve actions based on an |
| incoming <code>HttpServletRequest</code>.</div> |
| </td> |
| </tr> |
| <tr id="i5" class="rowColor"> |
| <td class="colFirst"><code>boolean</code></td> |
| <td class="colLast"><code><span class="memberNameLink"><a href="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#isAccessAllowed-javax.servlet.ServletRequest-javax.servlet.ServletResponse-java.lang.Object-">isAccessAllowed</a></span>(<a href="https://docs.oracle.com/javaee/5/api/javax/servlet/ServletRequest.html?is-external=true" title="class or interface in javax.servlet">ServletRequest</a> request, |
| <a href="https://docs.oracle.com/javaee/5/api/javax/servlet/ServletResponse.html?is-external=true" title="class or interface in javax.servlet">ServletResponse</a> response, |
| <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a> mappedValue)</code> |
| <div class="block">Resolves an 'application friendly' action verb based on the <code>HttpServletRequest</code>'s method, appends that |
| action to each configured permission (the <code>mappedValue</code> argument is a <code>String[]</code> array), and |
| delegates the permission check for the newly constructed permission(s) to the superclass |
| <a href="../../../../../../org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html#isAccessAllowed-javax.servlet.ServletRequest-javax.servlet.ServletResponse-java.lang.Object-"><code>isAccessAllowed</code></a> |
| implementation to perform the actual permission check.</div> |
| </td> |
| </tr> |
| </table> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.web.filter.authz.AuthorizationFilter"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class org.apache.shiro.web.filter.authz.<a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html" title="class in org.apache.shiro.web.filter.authz">AuthorizationFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#getUnauthorizedUrl--">getUnauthorizedUrl</a>, <a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#onAccessDenied-javax.servlet.ServletRequest-javax.servlet.ServletResponse-">onAccessDenied</a>, <a href="../../../../../../org/apache/shiro/web/filter/authz/AuthorizationFilter.html#setUnauthorizedUrl-java.lang.String-">setUnauthorizedUrl</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.web.filter.AccessControlFilter"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class org.apache.shiro.web.filter.<a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html" title="class in org.apache.shiro.web.filter">AccessControlFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#getLoginUrl--">getLoginUrl</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#getSubject-javax.servlet.ServletRequest-javax.servlet.ServletResponse-">getSubject</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#isLoginRequest-javax.servlet.ServletRequest-javax.servlet.ServletResponse-">isLoginRequest</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#onAccessDenied-javax.servlet.ServletRequest-javax.servlet.ServletResponse-java.lang.Object-">onAccessDenied</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#onPreHandle-javax.servlet.ServletRequest-javax.servlet.ServletResponse-java.lang.Object-">onPreHandle</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#redirectToLogin-javax.servlet.ServletRequest-javax.servlet.ServletResponse-">redirectToLogin</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#saveRequest-javax.servlet.ServletRequest-">saveRequest</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#saveRequestAndRedirectToLogin-javax.servlet.ServletRequest-javax.servlet.ServletResponse-">saveRequestAndRedirectToLogin</a>, <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#setLoginUrl-java.lang.String-">setLoginUrl</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.web.filter.PathMatchingFilter"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class org.apache.shiro.web.filter.<a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html" title="class in org.apache.shiro.web.filter">PathMatchingFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#getPathWithinApplication-javax.servlet.ServletRequest-">getPathWithinApplication</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#isEnabled-javax.servlet.ServletRequest-javax.servlet.ServletResponse-java.lang.String-java.lang.Object-">isEnabled</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#pathsMatch-java.lang.String-javax.servlet.ServletRequest-">pathsMatch</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#pathsMatch-java.lang.String-java.lang.String-">pathsMatch</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#preHandle-javax.servlet.ServletRequest-javax.servlet.ServletResponse-">preHandle</a>, <a href="../../../../../../org/apache/shiro/web/filter/PathMatchingFilter.html#processPathConfig-java.lang.String-java.lang.String-">processPathConfig</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.web.servlet.AdviceFilter"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html" title="class in org.apache.shiro.web.servlet">AdviceFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#afterCompletion-javax.servlet.ServletRequest-javax.servlet.ServletResponse-java.lang.Exception-">afterCompletion</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#cleanup-javax.servlet.ServletRequest-javax.servlet.ServletResponse-java.lang.Exception-">cleanup</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#doFilterInternal-javax.servlet.ServletRequest-javax.servlet.ServletResponse-javax.servlet.FilterChain-">doFilterInternal</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#executeChain-javax.servlet.ServletRequest-javax.servlet.ServletResponse-javax.servlet.FilterChain-">executeChain</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AdviceFilter.html#postHandle-javax.servlet.ServletRequest-javax.servlet.ServletResponse-">postHandle</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.web.servlet.OncePerRequestFilter"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html" title="class in org.apache.shiro.web.servlet">OncePerRequestFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#doFilter-javax.servlet.ServletRequest-javax.servlet.ServletResponse-javax.servlet.FilterChain-">doFilter</a>, <a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#getAlreadyFilteredAttributeName--">getAlreadyFilteredAttributeName</a>, <a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#isEnabled--">isEnabled</a>, <a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#isEnabled-javax.servlet.ServletRequest-javax.servlet.ServletResponse-">isEnabled</a>, <a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#isFilterOncePerRequest--">isFilterOncePerRequest</a>, <a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#setEnabled-boolean-">setEnabled</a>, <a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#setFilterOncePerRequest-boolean-">setFilterOncePerRequest</a>, <a href="../../../../../../org/apache/shiro/web/servlet/OncePerRequestFilter.html#shouldNotFilter-javax.servlet.ServletRequest-">shouldNotFilter</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.web.servlet.NameableFilter"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html" title="class in org.apache.shiro.web.servlet">NameableFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html#getName--">getName</a>, <a href="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html#setName-java.lang.String-">setName</a>, <a href="../../../../../../org/apache/shiro/web/servlet/NameableFilter.html#toStringBuilder--">toStringBuilder</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.web.servlet.AbstractFilter"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html" title="class in org.apache.shiro.web.servlet">AbstractFilter</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#destroy--">destroy</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#getFilterConfig--">getFilterConfig</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#getInitParam-java.lang.String-">getInitParam</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#init-javax.servlet.FilterConfig-">init</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#onFilterConfigSet--">onFilterConfigSet</a>, <a href="../../../../../../org/apache/shiro/web/servlet/AbstractFilter.html#setFilterConfig-javax.servlet.FilterConfig-">setFilterConfig</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.org.apache.shiro.web.servlet.ServletContextSupport"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class org.apache.shiro.web.servlet.<a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html" title="class in org.apache.shiro.web.servlet">ServletContextSupport</a></h3> |
| <code><a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#getContextAttribute-java.lang.String-">getContextAttribute</a>, <a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#getContextInitParam-java.lang.String-">getContextInitParam</a>, <a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#getServletContext--">getServletContext</a>, <a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#removeContextAttribute-java.lang.String-">removeContextAttribute</a>, <a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#setContextAttribute-java.lang.String-java.lang.Object-">setContextAttribute</a>, <a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#setServletContext-javax.servlet.ServletContext-">setServletContext</a>, <a href="../../../../../../org/apache/shiro/web/servlet/ServletContextSupport.html#toString--">toString</a></code></li> |
| </ul> |
| <ul class="blockList"> |
| <li class="blockList"><a name="methods.inherited.from.class.java.lang.Object"> |
| <!-- --> |
| </a> |
| <h3>Methods inherited from class java.lang.<a href="https://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a></h3> |
| <code><a href="https://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#clone--" title="class or interface in java.lang">clone</a>, <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#equals-java.lang.Object-" title="class or interface in java.lang">equals</a>, <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#finalize--" title="class or interface in java.lang">finalize</a>, <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#getClass--" title="class or interface in java.lang">getClass</a>, <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#hashCode--" title="class or interface in java.lang">hashCode</a>, <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notify--" title="class or interface in java.lang">notify</a>, <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#notifyAll--" title="class or interface in java.lang">notifyAll</a>, <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait--" title="class or interface in java.lang">wait</a>, <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait-long-" title="class or interface in java.lang">wait</a>, <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true#wait-long-int-" title="class or interface in java.lang">wait</a></code></li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </div> |
| <div class="details"> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <!-- ========= CONSTRUCTOR DETAIL ======== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="constructor.detail"> |
| <!-- --> |
| </a> |
| <h3>Constructor Detail</h3> |
| <a name="HttpMethodPermissionFilter--"> |
| <!-- --> |
| </a> |
| <ul class="blockListLast"> |
| <li class="blockList"> |
| <h4>HttpMethodPermissionFilter</h4> |
| <pre>public <a href="../../../../../../src-html/org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#line.126">HttpMethodPermissionFilter</a>()</pre> |
| <div class="block">Creates the filter instance with default method-to-action values in the instance's |
| <a href="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#getHttpMethodActions--"><code>http method actions map</code></a>.</div> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| <!-- ============ METHOD DETAIL ========== --> |
| <ul class="blockList"> |
| <li class="blockList"><a name="method.detail"> |
| <!-- --> |
| </a> |
| <h3>Method Detail</h3> |
| <a name="getHttpMethodActions--"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>getHttpMethodActions</h4> |
| <pre>protected <a href="https://docs.oracle.com/javase/6/docs/api/java/util/Map.html?is-external=true" title="class or interface in java.util">Map</a><<a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>,<a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>> <a href="../../../../../../src-html/org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#line.139">getHttpMethodActions</a>()</pre> |
| <div class="block">Returns the HTTP Method name (key) to action verb (value) mapping used to resolve actions based on an |
| incoming <code>HttpServletRequest</code>. All keys and values are lower-case. The |
| default key/value pairs are defined in the top class-level JavaDoc.</div> |
| <dl> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>the HTTP Method lower-case name (key) to lower-case action verb (value) mapping</dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="getHttpMethodAction-javax.servlet.ServletRequest-"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>getHttpMethodAction</h4> |
| <pre>protected <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> <a href="../../../../../../src-html/org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#line.152">getHttpMethodAction</a>(<a href="https://docs.oracle.com/javaee/5/api/javax/servlet/ServletRequest.html?is-external=true" title="class or interface in javax.servlet">ServletRequest</a> request)</pre> |
| <div class="block">Determines the action (verb) attempting to be performed on the filtered resource by the current request. |
| <p/> |
| This implementation expects the incoming request to be an <a href="https://docs.oracle.com/javaee/5/api/javax/servlet/http/HttpServletRequest.html?is-external=true" title="class or interface in javax.servlet.http"><code>HttpServletRequest</code></a> and returns a mapped |
| action based on the HTTP request <a href="https://docs.oracle.com/javaee/5/api/javax/servlet/http/HttpServletRequest.html?is-external=true#getMethod--" title="class or interface in javax.servlet.http"><code>method</code></a>.</div> |
| <dl> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>request</code> - to pull the method from.</dd> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>The string equivalent verb of the http method.</dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="getHttpMethodAction-java.lang.String-"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>getHttpMethodAction</h4> |
| <pre>protected <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> <a href="../../../../../../src-html/org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#line.164">getHttpMethodAction</a>(<a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> method)</pre> |
| <div class="block">Determines the corresponding application action that will be performed on the filtered resource based on the |
| specified HTTP method (GET, POST, etc).</div> |
| <dl> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>method</code> - to be translated into the verb.</dd> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>The string equivalent verb of the method.</dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="buildPermissions-javax.servlet.http.HttpServletRequest-java.lang.String:A-java.lang.String-"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>buildPermissions</h4> |
| <pre>protected <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>[] <a href="../../../../../../src-html/org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#line.185">buildPermissions</a>(<a href="https://docs.oracle.com/javaee/5/api/javax/servlet/http/HttpServletRequest.html?is-external=true" title="class or interface in javax.servlet.http">HttpServletRequest</a> request, |
| <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>[] configuredPerms, |
| <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> action)</pre> |
| <div class="block">Returns a collection of String permissions with which to perform a permission check to determine if the filter |
| will allow the request to continue. |
| <p/> |
| This implementation merely delegates to <a href="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#buildPermissions-java.lang.String:A-java.lang.String-"><code>buildPermissions(String[], String)</code></a> and ignores the inbound |
| HTTP servlet request, but it can be overridden by subclasses for more complex request-specific building logic |
| if necessary.</div> |
| <dl> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>request</code> - the inbound HTTP request - ignored in this implementation, but available to |
| subclasses for more complex construction building logic if necessary</dd> |
| <dd><code>configuredPerms</code> - any url-specific permissions mapped to this filter in the URL rules mappings.</dd> |
| <dd><code>action</code> - the application-friendly action (verb) resolved based on the HTTP Method name.</dd> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>a collection of String permissions with which to perform a permission check to determine if the filter |
| will allow the request to continue.</dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="buildPermissions-java.lang.String:A-java.lang.String-"> |
| <!-- --> |
| </a> |
| <ul class="blockList"> |
| <li class="blockList"> |
| <h4>buildPermissions</h4> |
| <pre>protected <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>[] <a href="../../../../../../src-html/org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#line.217">buildPermissions</a>(<a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a>[] configuredPerms, |
| <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/String.html?is-external=true" title="class or interface in java.lang">String</a> action)</pre> |
| <div class="block">Builds a new array of permission strings based on the original argument, appending the specified action verb |
| to each one per <a href="../../../../../../org/apache/shiro/authz/permission/WildcardPermission.html" title="class in org.apache.shiro.authz.permission"><code>WildcardPermission</code></a> conventions. The |
| built permission strings will be the ones used at runtime during the permission check that determines if filter |
| access should be allowed to continue or not. |
| <p/> |
| For example, if the <code>configuredPerms</code> argument contains the following 3 permission strings: |
| <p/> |
| <ol> |
| <li>permission:one</li> |
| <li>permission:two</li> |
| <li>permission:three</li> |
| </ol> |
| And the action is <code>read</code>, then the return value will be: |
| <ol> |
| <li>permission:one:read</li> |
| <li>permission:two:read</li> |
| <li>permission:three:read</li> |
| </ol> |
| per <a href="../../../../../../org/apache/shiro/authz/permission/WildcardPermission.html" title="class in org.apache.shiro.authz.permission"><code>WildcardPermission</code></a> conventions. Subclasses |
| are of course free to override this method or the |
| <a href="../../../../../../org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#buildPermissions-javax.servlet.http.HttpServletRequest-java.lang.String:A-java.lang.String-"><code>buildPermissions</code></a> request |
| variant for custom building logic or with different permission formats.</div> |
| <dl> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>configuredPerms</code> - list of configuredPerms to be converted.</dd> |
| <dd><code>action</code> - the resolved action based on the request method to be appended to permission strings.</dd> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd>an array of permission strings with each element appended with the action.</dd> |
| </dl> |
| </li> |
| </ul> |
| <a name="isAccessAllowed-javax.servlet.ServletRequest-javax.servlet.ServletResponse-java.lang.Object-"> |
| <!-- --> |
| </a> |
| <ul class="blockListLast"> |
| <li class="blockList"> |
| <h4>isAccessAllowed</h4> |
| <pre>public boolean <a href="../../../../../../src-html/org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html#line.259">isAccessAllowed</a>(<a href="https://docs.oracle.com/javaee/5/api/javax/servlet/ServletRequest.html?is-external=true" title="class or interface in javax.servlet">ServletRequest</a> request, |
| <a href="https://docs.oracle.com/javaee/5/api/javax/servlet/ServletResponse.html?is-external=true" title="class or interface in javax.servlet">ServletResponse</a> response, |
| <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/Object.html?is-external=true" title="class or interface in java.lang">Object</a> mappedValue) |
| throws <a href="https://docs.oracle.com/javase/6/docs/api/java/io/IOException.html?is-external=true" title="class or interface in java.io">IOException</a></pre> |
| <div class="block">Resolves an 'application friendly' action verb based on the <code>HttpServletRequest</code>'s method, appends that |
| action to each configured permission (the <code>mappedValue</code> argument is a <code>String[]</code> array), and |
| delegates the permission check for the newly constructed permission(s) to the superclass |
| <a href="../../../../../../org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html#isAccessAllowed-javax.servlet.ServletRequest-javax.servlet.ServletResponse-java.lang.Object-"><code>isAccessAllowed</code></a> |
| implementation to perform the actual permission check.</div> |
| <dl> |
| <dt><span class="overrideSpecifyLabel">Overrides:</span></dt> |
| <dd><code><a href="../../../../../../org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html#isAccessAllowed-javax.servlet.ServletRequest-javax.servlet.ServletResponse-java.lang.Object-">isAccessAllowed</a></code> in class <code><a href="../../../../../../org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html" title="class in org.apache.shiro.web.filter.authz">PermissionsAuthorizationFilter</a></code></dd> |
| <dt><span class="paramLabel">Parameters:</span></dt> |
| <dd><code>request</code> - the inbound <code>ServletRequest</code></dd> |
| <dd><code>response</code> - the outbound <code>ServletResponse</code></dd> |
| <dd><code>mappedValue</code> - the filter-specific config value mapped to this filter in the URL rules mappings.</dd> |
| <dt><span class="returnLabel">Returns:</span></dt> |
| <dd><code>true</code> if the request should proceed through the filter normally, <code>false</code> if the |
| request should be processed by this filter's |
| <a href="../../../../../../org/apache/shiro/web/filter/AccessControlFilter.html#onAccessDenied-javax.servlet.ServletRequest-javax.servlet.ServletResponse-java.lang.Object-"><code>AccessControlFilter.onAccessDenied(ServletRequest,ServletResponse,Object)</code></a> method instead.</dd> |
| <dt><span class="throwsLabel">Throws:</span></dt> |
| <dd><code><a href="https://docs.oracle.com/javase/6/docs/api/java/io/IOException.html?is-external=true" title="class or interface in java.io">IOException</a></code></dd> |
| </dl> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </li> |
| </ul> |
| </div> |
| </div> |
| <!-- ========= END OF CLASS DATA ========= --> |
| <!-- ======= START OF BOTTOM NAVBAR ====== --> |
| <div class="bottomNav"><a name="navbar.bottom"> |
| <!-- --> |
| </a> |
| <div class="skipNav"><a href="#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div> |
| <a name="navbar.bottom.firstrow"> |
| <!-- --> |
| </a> |
| <ul class="navList" title="Navigation"> |
| <li><a href="../../../../../../overview-summary.html">Overview</a></li> |
| <li><a href="package-summary.html">Package</a></li> |
| <li class="navBarCell1Rev">Class</li> |
| <li><a href="class-use/HttpMethodPermissionFilter.html">Use</a></li> |
| <li><a href="package-tree.html">Tree</a></li> |
| <li><a href="../../../../../../deprecated-list.html">Deprecated</a></li> |
| <li><a href="../../../../../../index-all.html">Index</a></li> |
| <li><a href="../../../../../../help-doc.html">Help</a></li> |
| </ul> |
| </div> |
| <div class="subNav"> |
| <ul class="navList"> |
| <li><a href="../../../../../../org/apache/shiro/web/filter/authz/HostFilter.html" title="class in org.apache.shiro.web.filter.authz"><span class="typeNameLink">Prev Class</span></a></li> |
| <li><a href="../../../../../../org/apache/shiro/web/filter/authz/PermissionsAuthorizationFilter.html" title="class in org.apache.shiro.web.filter.authz"><span class="typeNameLink">Next Class</span></a></li> |
| </ul> |
| <ul class="navList"> |
| <li><a href="../../../../../../index.html?org/apache/shiro/web/filter/authz/HttpMethodPermissionFilter.html" target="_top">Frames</a></li> |
| <li><a href="HttpMethodPermissionFilter.html" target="_top">No Frames</a></li> |
| </ul> |
| <ul class="navList" id="allclasses_navbar_bottom"> |
| <li><a href="../../../../../../allclasses-noframe.html">All Classes</a></li> |
| </ul> |
| <div> |
| <script type="text/javascript"><!-- |
| allClassesLink = document.getElementById("allclasses_navbar_bottom"); |
| if(window==top) { |
| allClassesLink.style.display = "block"; |
| } |
| else { |
| allClassesLink.style.display = "none"; |
| } |
| //--> |
| </script> |
| </div> |
| <div> |
| <ul class="subNavList"> |
| <li>Summary: </li> |
| <li>Nested | </li> |
| <li><a href="#fields.inherited.from.class.org.apache.shiro.web.filter.AccessControlFilter">Field</a> | </li> |
| <li><a href="#constructor.summary">Constr</a> | </li> |
| <li><a href="#method.summary">Method</a></li> |
| </ul> |
| <ul class="subNavList"> |
| <li>Detail: </li> |
| <li>Field | </li> |
| <li><a href="#constructor.detail">Constr</a> | </li> |
| <li><a href="#method.detail">Method</a></li> |
| </ul> |
| </div> |
| <a name="skip.navbar.bottom"> |
| <!-- --> |
| </a></div> |
| <!-- ======== END OF BOTTOM NAVBAR ======= --> |
| <p class="legalCopy"><small>Copyright © 2004–2023 <a href="https://www.apache.org/">The Apache Software Foundation</a>. All rights reserved.</small></p> |
| </body> |
| </html> |